Speaking Notes for GTEC 2014 by Corinne Charette, Chief Information Officer for the government of Canada, October 28, 2014

Introduction

Good morning. Hello and welcome.

This is my sixth year at GTEC, and I'm pleased to have this opportunity to welcome everyone and help set the stage once again for this year's conference.

For the sixth time, I have the great pleasure of addressing public and private sector technology leaders at this conference.

GTEC continues to be the “must attend” event for Canadian technology leaders and practitioners across the federal, provincial and municipal governments.

I would like to thank all our organizers and sponsors for their hard work and support again this year.

For my part, GTEC is an important opportunity to continue the dialogue about the state and role of technology in the Government of Canada, about our progress on transformation and, of course, our plans for moving forward towards our end state vision: a public service that seizes the opportunities and embodies the characteristics laid out in Digital Canada 150, Canada's digital strategy.

Clearly, we're living through a period of change in our organizations in this age of the Internet, 24/7 communications, the interconnectivity of all individuals and organizations, and the increasing utilization of the global information reservoir for purposes both good and bad.

In government, we seek to provide accessible service delivery and to engage in real-time dialogue and collaboration with citizens, other governments, academia and businesses.

Our challenge is to achieve this while maintaining the levels of security and privacy we require in a period of fiscal constraint – open, secure and affordable.

We need to make our services open and user-friendly while maintaining security in a climate of budgetary restraints. Open and secure: no small feat.

Federal organizations have been streamlining their operations, leveraging technology and innovative partnerships, and pursuing creative solutions to meet the needs of citizens.

This work helps us reduce duplication in our systems portfolios and reallocate our resources to critical government system priorities.

And all of this is happening in an increasingly challenging security environment, an environment where cyberattacks are increasing, and, tragically, as was seen last week, deadly attacks on members of our armed forces.

Indeed, the threat of security breaches is part of our new normal.

I would like to begin my remarks this year by focusing on security because I know it's on everyone's minds.

A Few Words on Our Security Challenges

Heartbleed and Shellshock. The cyberattack on the National Research Council. We are deeply concerned about these cyber incidents.

Much time and effort is being spent reviewing our defensive measures and ensuring that cyber attackers don't gain advantage, and that the Internet continues to be a trusted medium to communicate and do business with governments and the private sector alike.

But let me be clear: With every incident, the Government of Canada was able to quickly minimize the impact to our systems. Yes, despite these threats, the government was able to quickly take control and minimize the impact to our systems.

We worked closely with all our partners in government and the private sector to quickly implement the appropriate measures required to identify vulnerable systems, investigate the threats, and take decisive measures to address and neutralize them.

As a result, our systems continue to be secure for Canadians, although we are cognizant that they remain highly attractive targets for malicious cyber actors.

So, fresh thinking at all levels on how to defend, secure and protect our organizations, the information we manage, and our systems and other physical infrastructure is top of mind.

Which is why we have been conducting a number of “lessons learned” activities for each incident that will inform the refresh of our policies, of our procurement activities, of the way we design and implement new technology solutions, and of the way we manage and operate our systems.

We are renewing our IT Incident Management Plan to enable more effective response to this dynamic threat environment.

We are augmenting our online threat-monitoring measures so that we can continue to maintain the highest standards of security on government systems and networks.

And, to ensure that all departments and agencies are monitored and defended to the same degree, we're looking at migrating all corporate wide area networks and regional Internet access points for the more than 55 federal institutions that are not already within Shared Services Canada's mandate to its centrally managed WAN network.

These efforts are founded on the excellent security work undertaken by all departments and Shared Services Canada over the past year.

Suffice it to say that today's security threats have made the job of securing our organizations, IT assets, and information that much more challenging because of the velocity and volume of the threats, but also because of the diversity and complexity of the GC IMIT ecosystem.

Security, as we have seen, is a shared challenge with distributed responsibilities at all levels of the system continuum, bringing shared accountability for overall IMIT security. Starting with the program owner who must be satisfied that a system is ready to go into production and that risks are properly addressed, to the end-users who have responsibilities on how they use systems and information, to the departmental CIOs who must ensure the security of applications and their information management repositories, and Shared Services Canada with its focus on the supporting infrastructure.

Over the next year, we will focus the GC (Government of Canada) community on the security continuum to ensure that everyone understands the risks and their roles in the value chain so that we employ all the best tools and practices to continuously reinforce our security profile.

But I'm confident that we have a strong secure foundation in place.

Progress

Before I continue, I would like to spend a bit of time highlighting a few significant milestones and achievements, as I do every year, as well as point to where we are looking next in each of these areas as we continue leveraging digital technologies to better serve Canadians.

Rationalization of Applications

We continue to make good progress in consolidating and modernizing our back and front office systems.

Departments are retiring, renewing or replacing the impressive legacy of IT systems implemented over the last decades.

To support departments, we have established an Application Portfolio Management regime that will support IT investment planning in departments and support the oversight of IT applications on a whole-of-government scale. This is the first step in the mitigation of risks associated with aging IT.

The government-wide applications rationalization program now includes roadmaps for reducing the use of core back office IT applications in human resources, financial management and electronic documents records management, and in other enterprise solutions that can support more than one department, such as our work on case management systems.

A key focus for us over the next 12 months will be to develop an integrated IT plan to ensure that departmental and enterprise initiatives are aligned with the work being done by Shared Services Canada to transform our IT infrastructure, including the consolidation of email systems, data centres, end-user devices and telecommunications. This is a complex task that will require that we align and recalibrate our plans over these three core areas of work.

Another focus of the next 12 months will be on cloud computing, as mentioned by Minister Clement earlier this month and which is an important part of our future vision.

Why Cloud Computing?

From our initial work on integrated planning, it is clear we have much to do. Simply, there are more opportunities for us to continue to drive transformational changes given the size of the federal government than there are available financial resources or the required people and skills capacity to do it all by ourselves. This is according to the traditional models of systems implementation and operations we have been leveraging.

While we have renewed a number of critical legacy systems over the last five years, there are still many aging, differently architected systems maintained to varying standards of availability and security distributed across an IT landscape that CIOs and Shared Services Canada are working hard to consolidate and secure.

One way we're planning on achieving the renewal of a portion of our portfolio is by leveraging cloud-based services, moving them to modern platforms that are maintained and operated by the private sector.

Cloud services will allow federal organizations to, in select areas, ramp up new capabilities without the need for investments in purpose-built GC applications and infrastructure. Departments will be able to rely on service providers to provide solutions that can be implemented quickly, with minimal to no customization and with minimal upfront cost.

Cloud services will allow departments to shift a portion of their IT work outside their organizations to available private sector resources, thereby freeing up resources for other systems priorities that only departments can assure.

Our careful and deliberate adoption of cloud computing will also provide a platform for industry to develop a strong domestic cloud-based service industry that all our provincial, territorial and municipal partners can also benefit from. With our aggregate buying power, the federal government has an important role as an early adopter in some endeavours to help shape Canadian cloud-based services to our specific national requirements.

And while it is important that we move in this direction, it is critical that we first address all security, confidentiality and privacy issues.

I look forward to receiving the input and recommendations of industry leaders at our upcoming consultations later this fall.

Yesterday, our Request for Information on cloud computing was posted on buyandsell.ca. Let me give you a bit of a preview of the type of issues we would like views on.

They include input on the solutions that will allow the government to effectively leverage cloud services, while at the same time assure the privacy and confidentiality of information and address potential security breaches and data loss issues.

We also want to know which business opportunities are best fulfilled by cloud offerings and any technical barriers that could slow down the availability of affordable cloud services.

Through our consultations on cloud computing, we are seeking opinions and advice from the private sector.

We will be keenly interested in input from industry on how we can radically minimize and potentially eliminate upfront investments and speed procurement for these services.

We have created a Cloud Working Group with representatives from federal, provincial and territorial governments to participate in these consultations, driving a well-defined cloud computing strategy for the Government of Canada.

Progress on Open Government

We've taken important steps to advance transparency, accountability and citizen participation through our many activities on open government. Our new Directive on Open Government requires departments to prioritize their eligible data and information stores for proactive release.

The second iteration of Canada's Action Plan on Open Government is nearly ready for publication and includes a number of new initiatives. Over the last year, the federal government has taken a leadership role in fostering greater openness and cooperation – not just in our own organizations, but across Canada and indeed the world. Of course, we are very pleased that our open data portal won the GTEC award last night.

In particular, we have led a pan-Canadian working group to support collaboration on open data and open government activities. More provinces and municipalities continue to adopt our common Open Government Licence, leading the way for federated search capability across independent data portals from different jurisdictions.

And internationally, Canada played an instrumental role in the development of the G8 Open Data Charter.

Cloud computing and open government are just a few examples of the way we're transforming the way we work that are contributing directly to the government's plan to guide Canada's digital future, as laid out in Digital Canada 150, which sets out a vision of what Canada can achieve by the time we celebrate our 150th anniversary, in 2017, and beyond.

It calls on federal institutions to seize the promise of today's digital age.

It reflects the fact that citizens are increasingly relying on e-services when applying for and receiving benefits. And they expect user-friendly, secure and confidential web services.

Meeting those high expectations is a big part of our renewal challenge that we are addressing through new government-wide policies by leveraging digital technologies and by sourcing and implementing solutions differently.

Policy on Service: Tell Us Once

Earlier this year, we released a new Policy on Service, which came into effect on October 1 and will be implemented over three years.

The policy aims to increase the number and uptake of e-services, and enhance the efficiency of service delivery through the prioritization of services that need to move online, through the gradual implementation of consistent service standards for departmental service delivery across all channels.

This service policy will ensure that online services offered by federal organizations are not only client-focused but are also secure and have improved usability through the consolidation of access, over time, through single portals with simplified enrolment.

The policy also requires departments to review their services for efficiency and effectiveness, including leveraging partnerships for service delivery where feasible – partnerships with other federal departments, with our provincial-territorial-municipal colleagues, and with the private sector. This will require more federation.

Our new service policy sets the framework within which we are currently developing a new service strategy for the government in close collaboration with Employment and Social Development Canada, as well as other departments offering services to Canadians and businesses – an approach that will gradually simplify access.

Our Cyber Authentication Renewal Initiative established an important foundation for the delivery of secure online services through the federation of credentials that is not only client-centric and secure, but was also achieved at a significantly reduced cost to taxpayers and in a manner that respects privacy.

We are also making great progress in our work with our 13 federal, provincial and territorial (FPT) partners on federated identity. A common standard for identity assurance is already in place across the Government of Canada and has been adopted in principle by our FPT partners. This will set the stage for how we can rely on identity assertions from other jurisdictions. This will also enable the electronic validation of identity attributes for individuals and businesses, which is essential in an online world where identity thieves and imposters abound.

This permits Canadians and businesses to tell all levels of government their key information “just once.”

Partnerships like these have given rise to new services such as the Bundled Birth Service, announced earlier this year. This joint effort between the federal government and New Brunswick permits parents to register their child's birth and apply for their child's Social Insurance Number and Canada child benefits in one simple step. We can envisage a future where this bundled service is available across Canada in all jurisdictions.

Supporting improved online services is also a key objective of our Web Renewal Initiative.

Web Renewal

The Web Renewal Initiative is an excellent example of our progress in consolidating our web presence through collaboration across government departments towards the objective of better service to citizens.

Last December, we launched Canada.ca, which when complete will consolidate our 1,500 departmental websites into one user-centric site on a single technology platform.

Our target date for completion is December 2016. And I'm confident we will get there, specifically because we are leveraging agile approaches, broad collaboration and cloud services.

Our work to renew our website is focused on creating a more user-friendly experience for people using our services and will be based on tools and services offered by the private sector.

We have already partnered with a Canadian company, HootSuite, which is now the official enterprise solution for social media account management for the Government of Canada.

And last week, we launched our Request for Proposals for Managed Web Services that will provide us with a new cloud-based platform supporting Canada.ca securely, 24/7, to citizens and other constituents anywhere in Canada and throughout the world.

And I would add that our new website is currently ranked first among G8 countries. Canada.ca was recognized for its coverage of basically every need and necessity of the general population, and for being the most user-friendly and comprehensive among its peers.

We have achieved considerable success over the past year thanks to the cooperation we were able to encourage between departments.

A Few Words on the OECD Network on E-Government

I chair the network that supports the development and implementation of digital government strategies that efficiently and effectively deliver services to citizens and businesses. My colleagues from other OECD countries, some of which are present here for the concurrent ICA conference (International Council for IT in Government Administration) and who are part of this network, all see digital service delivery as a key driver in the 21st century to shape, improve and transform their public institutions.

Which is why the e-government network issued a series of recommendations earlier this year that make up the first international legal instrument on digital government. The 12 recommendations fall under three themes that Canada has been espousing for some time: open government, cost-effective digital service delivery, and collaboration across institutions and jurisdictions. We are very proud of our contributions to this OECD instrument and the additional support it provides to our Canadian public sector transformation.

Blueprint 2020

Social media tools have also played a key role in advancing key priorities in the government.

This includes the Clerk's Blueprint 2020 initiative on the future of the public service.

The use of this open-source-based tool to support Blueprint 2020 was tremendous. GCconnex use grew by 268 per cent, with thousands of comments and suggestions – an example of a cost-effective tool enabling conversation and engaging people in real time from diverse government organizations and regions of the country. This is also an example of public servants collaborating widely across departmental, geographic and, soon, jurisdictional boundaries.

Role of CIOs and Employee Training

Work in the areas I have touched upon has resulted in a profound change in the role of CIOs in departments and a change in the skills complement of their teams to keep up with the new normal in systems implementation and in security.

It used to be that keeping IT infrastructure services up and running, such as data centres and email systems, was the main focus of CIOs.

Now, a CIO's primary challenge is to identify new ways to deliver IT services, both to their employees and to Canadians as a whole, in a manner that minimizes upfront investments where possible, and that is agile and delivers outcomes progressively throughout the project life cycle. Gone are the days of projects with no deliverables until years 4, 5 and 6. Cloud computing will be considered whenever new IT investments are proposed because it meets this criteria.

To assist CIOs during this period of transition, we are working on updating our Directive on Management of Information Technology. So stay tuned for that.

We also recognize that this has been a period of transition for all IT professionals across the government.

We are aware that the transformation of our IT approaches, tools and solutions brings about significant changes to the roles of information leaders, as well as to the roles of all our support professionals.

Today, IT professionals have an opportunity to be far more involved in the delivery of services and programs to Canadians.

Their role as business partners is growing, and their strategic advice is being sought more and more.

Members of the IT community need to understand this shift. They must prepare to acquire a better knowledge of the business of government and their department, and the competencies and technical skills required in the future. They need to adopt new, agile delivery approaches and embed security into every step of the implementation journey.

So I'm calling on all IT employees to do an assessment of their current skills, knowledge and experience, and to identify areas for development.

And I'm calling on IT managers to guide their employees to the training and learning they'll need for a successful career in the public service of the future.

Training must be a priority. And I can tell you that it's a priority for me. Over the coming months, we will be looking at the training available to the IT community and working with the Canada School of Public Service and others to ensure that the right training and learning tools and classes are available.

In some skills areas, capacity is a real challenge for us. One of these is project management. With the number of initiatives already underway and planned, we don't have the bench strength to manage all the projects. While we have many fine executives across the Government of Canada, we have few seasoned project managers with hands-on experience successfully leading multi-million-dollar, complex and transformational projects. Project management training and the creation of departmental project management offices goes some way to closing the gap, but not far enough. As a result, over the next year, we will be establishing a GC-wide pool of skilled project managers sourced from outside the government that departments will be able to tap into, using tools such as term positions and interchanges.

Conclusion

As we continue moving forward in the digital economy, the government must continue to safeguard the trust of Canadians through the delivery of citizen-focused, secure and affordable services.

Let me recap. Over the next year we will be focusing on the following:

• Security throughout the systems implementation life cycle and value chain
• Integrated planning across the Government of Canada to align departmental, enterprise and Shared Services Canada initiatives
• The use of cloud computing where feasible to augment our implementation and delivery capacity while reducing implementation cost and time
• Moving forward with the next steps of federated identity with our federal, provincial and territorial partners
• New policies that will enable and accelerate our GC IT transformation
• Getting the internal capacity in place we need to achieve the shift
• Working to integrate our private sector partners in more of our solution implementation and management initiatives

I believe that this is an exciting time for members of the IT community in all jurisdictions, and in the private sector during this period of public service renewal, and that they will seize this opportunity to update their skills, transform the way we work and provide better serve to Canadians.

I am confident that our IT teams will establish fruitful partnerships with the private sector to rise to the challenges we face during this period of transformation, to enable us to better serve Canadians.

Thank you very much.